When I bitlocker a surface firsttime it works fine but if i remove the bitlocker and then try to bitlock it again i get this error message. I have check the group policy and everything is setup.

If it was the group policy it wouldnt work the first time.

"group policy settings require that a recovery password be specified before encrypting the drive"

These are the things I have tried.

  • Remove PC from AD and added back in again
  • Remove Group policy from PC
  • Remove PC from Domain and re-add back onto domain
  • Clear TMP

I dont understand why it work for first time but not for 2nd time.

The reason why bitlocker was showing the GP error was because of the Keyboard on Surface.

I applied a solution from which said I need to put a key in OSEnablePrebootInputProtectorsOnSlates.

If you would like to apply this key with Group policy you can by enable the following key.

